As many know, the cryptographic hash function known as Secure Hash Algorithm 1 (SHA-1) has been deemed weak by NIST, and is no longer recommended. The NSA addressed the weaknesses in SHA-1 by publishing the SHA-2 hash function standard back in 2001. SHA-2 builds on SHA-1 by using similar algorithms with larger block and state sizes.

SHA-1 is a widely adopted hash algorithm that can no longer be considered trustworthy. Current PKI design analysts must weigh the benefits of implementing SHA-2 verses the compatibility problems associated with its adoption. This design decision is driven by the recent understanding that SHA-1 hashes are cryptographically weak and the opportunity for malicious manipulation of resulting hash values are much easier than originally anticipated. This is a serious problem if an authentic digital signature on contract for $100, cannot be distinguished from a fraudulent digital signature on a contract worth $100,000.